<?php
/**
 * Copyright 2011  SURFfoundation
 * 
 * This file is part of ESCAPE.
 * 
 * ESCAPE is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * 
 * ESCAPE is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with ESCAPE.  If not, see <http://www.gnu.org/licenses/>.
 * 
 * For more information:
 * http://escapesurf.wordpress.com/
 * http://www.surffoundation.nl/
 * 
 * Contact: d.vierkant@utwente.nl
 * 
 * @license http://www.gnu.org/licenses/gpl.html GNU GPLv3
 */
?>
<?php
/**
 * Send password reset email
 */
class escape_repositoryui_action_SendPasswordResetEmail extends escape_repositoryui_Action
{
	public function handleRequest()
	{
		$viewName = 'PasswordResetEmailSendSelect';

		/* @var $repository escape_repository_Repository */
		$repository =& $this->requestAttributes['repository'];
		/* @var $repositoryUi escape_repositoryui_RepositoryUi */
		$repositoryUi =& $this->requestAttributes['repositoryUi'];
		
		// check if password reset is available
		if(!$repository->config['password_reset_enabled'])
		{
			print 'Password reset is not available.';
			return null;
		}
		
		$errorMessages = array();
		
		// check if a user ID was submitted
		$userId = $_POST['userId'];
		if(isset($userId))
		{
			$user = null;
			try
			{
				// fetch the user object
				$userUri = $repository->convertUserObjectIdToObjectUri($userId);
				$user = $repository->getUserByUri($userUri);
				
				// compose the password reset token
				// by adding a timestamp, the token can be tested for expiration
				// by adding a slice of the current password hash, the token will automatically expire after the password has been changed
				$token = $user->getId() . '::' . time() . '::' . substr($user->getPasswordHash(), -8);
				
				// encrypt the token
				$encryptedToken = escape_encryptData($token, $repository->config['password_reset_encryption_password']);
				
				// generate a link
				$link = $repository->config['server_url'] . '/resetPassword/?token=' . rawurlencode(base64_encode($encryptedToken));
				
				// compose an email
				$subject = "Reset your ESCAPE password";
				$message = "Please use the following link to reset your ESCAPE password:\r\n\r\n" . $link;
				$headers = "From: " . $repository->config['password_reset_from'] . "\r\nReply-To: " . $repository->config['password_reset_from'] . "\r\nReturn-Path: " . $repository->config['password_reset_from'] . "\r\nErrors-To: " . $repository->config['password_reset_from'];
				
				// send the emal
				mail($user->getMbox(), $subject, $message, $headers);
				
				$viewName = 'PasswordResetEmailSendCompleted';
			}
			catch(Exception $exception)
			{
				$errorMessages[] = 'User "' . htmlspecialchars($userId) . '" does not exist.';
			}
		}
		
		$this->requestAttributes['errorMessages'] =& $errorMessages;
		
		return $viewName;
	}
}